Presidential Candidate John Delaney Wants To Create a Department of Cybersecurity (theverge.com) 71
On Tuesday, former Maryland representative and 2020 presidential candidate John Delaney announced a plan to create a Department of Cybersecurity that "would be led by a cabinet-level secretary who would be in charge of implementing the United States' cybersecurity strategy," reports The Verge. "The proposal is the first major cybersecurity push from any presidential candidate so far this cycle." From the report: In a press release, Delaney argued that the U.S.'s cyber authorities are spread too thin across too many agencies. This new agency would work to streamline the country's current approach. "Securing our cyber-infrastructure is not only a national security priority, it is an economic one as well," Delaney said. "In light of the many recent and continued cyberattacks on our country, we need to establish a cabinet-level agency to focus on protecting our cyberspace."
Currently, the cybersecurity responsibility is scattered across a number of agencies, with Homeland Security handling threats to civilian agencies, US Cyber Command dealing with military cyberattacks, the FBI prosecuting federal and international cybercrime, and a string of ISACs coordinating private sector actors alongside government agencies. In the past, the White House has appointed a cybersecurity coordinator, or "czar," to work across those agencies, but President Trump eliminated the position in May 2018, leaving no single person or agency in charge of leading the country's cybersecurity efforts.
Currently, the cybersecurity responsibility is scattered across a number of agencies, with Homeland Security handling threats to civilian agencies, US Cyber Command dealing with military cyberattacks, the FBI prosecuting federal and international cybercrime, and a string of ISACs coordinating private sector actors alongside government agencies. In the past, the White House has appointed a cybersecurity coordinator, or "czar," to work across those agencies, but President Trump eliminated the position in May 2018, leaving no single person or agency in charge of leading the country's cybersecurity efforts.
In Soviet Russia... (Score:2)
Re: (Score:2)
Just read a funny story that sort of fits in right here... We know that dictatorship could happen in Russia, both before and after the Soviets. However this related story is about Godel, back when he became an American citizen.
Godel, being a serious guy, studied quite seriously for the citizenship examination, including the Constitution. One of the guys helping him was a famous economist named Morgenstern. (The other "helper" was Einstein. Yes, THAT Einstein.) Godel decided the Constitution included logical
Boring (Score:2)
You want to vote for this guy, or someone creating a Space Force?
Besides, Trump already issued a National Cyber Strategy [whitehouse.gov], and there is already a joint military Cyber Force [fifthdomain.com].
Re: (Score:3)
Re: (Score:2)
The government tends to duplicate a number of roles and departments. Creating a monolithic bureaucracy that cost more in the end.
The bureaucracy also has a strong vested interest in NOT solving the problem, since doing so will obviate the reason for their existence, or at least reduce their budget.
Re: Boring (Score:3)
Re: (Score:2)
Security isn't a "solvable problem"
This is no single solution that will solve all security problems.
But there are solutions that will solve many security problems.
SQL injection attacks are far less successful today than a decade ago, mostly because of better APIs.
Buffer overflow vulnerabilities are also less common, because common libraries incorporate solutions such as Stack Canaries [wikipedia.org], and non-executable pages used for stacks and heaps.
The key is to not only develop better techniques, but to wrap them up in widely used APIs, frameworks, and
Re: Boring (Score:2)
Re: (Score:2)
You want to vote for this guy, or someone creating a Space Force?
Besides, Trump already issued a National Cyber Strategy [whitehouse.gov], and there is already a joint military Cyber Force [fifthdomain.com].
Yes, and in his great wisdom he appointed Rudy Giuliani as his cybersecurity advisor. Yes, the same Giuliani that doesn't know how links work [techcrunch.com] and thought someone hacked his Twitter account when his typo was linked is the guy that advises the President on computer security matters. Yes, the same Trump that bragged he would "surround myself only with the best and most serious people" and said "we want top-of-the-line professionals" decided to go with the guy who can't even master Twitter as the main policy
Re: (Score:2)
The one, true response and I've got no mod points.
Re: (Score:2)
Re: (Score:2)
Basically over here in ITSEC, whenever we hear some manager type use the word "cyber" in some context, we know we can relax and occupy ourselves with something important.
Because whatever he's saying is not.
Or they have government experience, or contacts (Score:2)
I don't like the term, but in government the term is cyber.
Twenty years in information security here. I will never call it "cyber", unless I'm talking about something government related. The guy putting together a $450 million federal contract for infosec is doing a cyber contract.
You hint at a better way (Score:2)
I'd hire back-hat hackers and under-20's to deal with this problem if I was truly serious about addressing this issue.
That's close but wouldn't really fix things...
Instead, anyone with a specific degree of hacking ability would automatically gain a UBI of $250k a year an immunity from all drug and prostitution laws.
Let the really good hackers take themselves out of the game through victory.
Re: (Score:2)
You do know that 250k a year is pebbles compared to what you can embezzle if you really know your shit, yes?
NSA (Score:1)
What happens when some other group starts implementing real US domestic cybersecurity?
No more plain text collect it all and what was PRISM?
Re: (Score:1)
Good, we need it (Score:1)
Finally, we will have an agency that will ensure that our cybersecurity policies do not disproportionately affect women, minorities, underserved gender groups, or other victims of white manhood.
Department of redundant reundancy (Score:2)
I thought the NSA already was charged with this. Wasn't the whole reason for the NSA is to manage communications security in the first place? In 1952.
Re: (Score:2)
How much help will it be? (Score:2)
Unless you somehow also give them legal control over the computer systems of all other departments, it won't help protect government information. You can't expect security when your software is essentially legislated through appropriations. As for private security, it would be much simpler to legislate around fines and penalties for breach and let the market handle the problem.
YES! (Score:3)
He's right, we really need some sort of department or agency to ensure our cybersecurity. Nay, not just cybersecurity but our security in general. It would need to protect not just the government but the whole nation. Yes, that's it! We need a national security agency!.... Wait a second... ;)
Wrong approach (Score:2)
I'd prefer we create a "Department of Science and Technology". So, so many of our politicians are completely ignorant about technology issues facing our country; cybersecurity is only one of them. Climate change, nuclear power, net neutrality, rare earth metals, space travel, and the opioid crisis are just a few of the many, many science and technology issues that our executive branch needs to weigh in on every day. Having a cabinet level position that advises our president on these important issues woul
NO (Score:2)
Why was the cybersecurity position eliminated? (Score:2)
President Trump eliminated the position in May 2018
What was the reason for this? I read the article, it just said to reduce bureaucracy. That's bullshit, what was the actual reason?
Re: (Score:2)
Billions and billions will be used... (Score:2)
...for nothing in return... an agency that will produce nothing and basically protect nothing, hiring high $$$ private consultants from political friends
Why do Democrats always want bigger Government??! (Score:1)
I knew this John Delaney guy was a Democrat instantly because of the desire to grow the government in a completely unnecessary way.
We have the NSA, that's all you need.
Politicians who clearly have no clue... (Score:2)
A basic concept here: If you are concerned with security, then why are you connecting infrastructure to the Internet in any way? Use your own fiber, don't let others tap into it, and then, security becomes about ways to keep people from illegally tapping into that fiber, which is NOT there for the use of the public. Military....nope, no Internet, power, traffic, you name it, don't connect these things to a network that is going to be open to hacking attempts. You can place SOME systems on the Internet